Registration Gating (Proof-of-Work, Terms of Service) #87

Merged
merged 30 commits into from
Jan 17, 2024
Changes from 28 commits
1bd5a91
Add optional (disabled by default) support for requiring new DIDs to …
finn-block Oct 31, 2023
a3076ad
Merge branch 'main' into pow
thehenrytsai Jan 3, 2024
ef774fd
tos -> terms of use
thehenrytsai Jan 3, 2024
0ddefcd
Added TenantGate reference and minor comments
thehenrytsai Jan 3, 2024
b303da4
Merge branch 'main' into pow
thehenrytsai Jan 3, 2024
ccce1d4
pow -> proofOfWork
thehenrytsai Jan 4, 2024
ae0885e
Introduced ProofOfWork class to encourage code reuse
thehenrytsai Jan 4, 2024
ba3376a
Reused nonce verification code in ProofOfWork library
thehenrytsai Jan 4, 2024
5a4984f
Removed coupling between Express and tenant gate implementation + rem…
thehenrytsai Jan 4, 2024
bb3eb3a
Added ProofOfWorkManager to manage the PoW difficulty
thehenrytsai Jan 5, 2024
75eb96f
Swapping out leading-zero implementation with more granular implement…
thehenrytsai Jan 5, 2024
1ba211e
Integrated RegistrationStore with RegistrationManager + added main-li…
thehenrytsai Jan 8, 2024
0720f67
Removed obsolete code in RegisteredTenantGate.
thehenrytsai Jan 9, 2024
e525a5a
100% code coverage + removed dedicated RegistrationTenantGate in favo…
thehenrytsai Jan 9, 2024
6af9f46
Added detection of response nonce reuse + added documentation
thehenrytsai Jan 10, 2024
8421ff1
Simplified how registration is configured
thehenrytsai Jan 10, 2024
ea6a505
Added a few logs to make debugging server environment issues easier
thehenrytsai Jan 10, 2024
a551cb2
Minor update
thehenrytsai Jan 10, 2024
441242c
Merge branch 'main' into pow
thehenrytsai Jan 10, 2024
9ce8c6c
package-lock.json
thehenrytsai Jan 10, 2024
0374ec0
Removed Profile type
thehenrytsai Jan 10, 2024
b705b48
Renamed /info.json -> /info
thehenrytsai Jan 11, 2024
deadd00
Moved currentSolveRateInFractionOfDesiredSolveRate initialization
thehenrytsai Jan 11, 2024
54c128b
Exposed difficultyIncreaseMultiplier
thehenrytsai Jan 11, 2024
b6dfc11
Updated comment
thehenrytsai Jan 11, 2024
33b12b5
Exposed DWN_REGISTRATION_PROOF_OF_WORK_INITIAL_MAX_HASH setting
thehenrytsai Jan 11, 2024
7fcb9d3
Fixed SQL-lite directory does not exist error
thehenrytsai Jan 11, 2024
2e38253
Added TODO for issue #101
thehenrytsai Jan 11, 2024
a933360
Addressed review comments
thehenrytsai Jan 16, 2024
b36d176
Added comment
thehenrytsai Jan 16, 2024
21 changes: 16 additions & 5 deletions .c8rc.json
Original file line number Diff line number Diff line change
@@ -1,8 +1,19 @@
{
"all": true,
"cache": false,
"extension": [".js"],
"include": ["dist/esm/src/**"],
"exclude": ["dist/esm/src/types/**"],
"reporter": ["text", "cobertura", "html"]
}
"extension": [
".js"
],
"include": [
"dist/esm/src/**"
],
"exclude": [
"dist/esm/src/types/**",
"dist/esm/src/**/*-types.js"
],
"reporter": [
"text",
"cobertura",
"html"
]
}
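Review bot: The new `exclude` entry `dist/esm/src/**/*-types.js` drops every file with that suffix from the coverage report, so any runtime logic that ends up in a `*-types` module would fall outside the measured total without anyone noticing. Please confirm these files hold only type declarations and document that naming convention for contributors. The re-wrapping of `extension`, `include` and `reporter` onto multiple lines also buries the one functional change in this hunk; keeping the original single-line arrays and adding only the new pattern would make the diff easier to audit.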
4 changes: 1 addition & 3 deletions .eslintrc.cjs
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,14 @@ module.exports = {
},
plugins: [
'@typescript-eslint',
'prettier',
'todo-plz', // for enforcing TODO formatting to require "github.com/TBD54566975/dwn-server/issues/"
],
env: {
node: true, // Enable Node.js global variables
browser: true,
},
rules: {
'prettier/prettier': 'error',
'max-len': ['error', { code: 150, ignoreStrings: true }],
curly: ['error', 'all'],
'no-console': 'off',
'@typescript-eslint/explicit-function-return-type': ['error'],
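Review bot: With the `'prettier'` plugin and the `'prettier/prettier': 'error'` rule dropped from `plugins` and `rules`, the `max-len` rule is the only formatting constraint left in this hunk, and `ignoreStrings: true` exempts string literals from the 150 character limit. If the intent is to replace the formatter with lint rules, say so in the PR description and list which style rules now take over; otherwise formatting is effectively unenforced after this change. Since this is unrelated to registration gating, a separate PR would keep the security-relevant changes easier to review.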
Expand All @@ -37,5 +36,4 @@ module.exports = {
{ commentPattern: '.*github.com/TBD54566975/dwn-server/issues/.*' },
],
},
extends: ['prettier'],
};
1 change: 0 additions & 1 deletion .prettierignore

This file was deleted.

12 changes: 0 additions & 12 deletions .prettierrc.json

This file was deleted.

7 changes: 3 additions & 4 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -70,9 +70,9 @@ We take our open-source community seriously. Please adhere to our [Code of Condu

### Code Style

- Our preferred code style has been codified into `eslint` and `prettier`.
- Feel free to take a look onto [eslint config](https://github.com/TBD54566975/dwn-server/blob/main/.eslintrc.cjs) and [prettier config](https://github.com/TBD54566975/dwn-server/blob/main/.prettierrc.json).
- Running `npm run lint:fix` and `npm run prettier:fix`will auto-format as much they can. Everything they weren't able to will be printed out as errors or warnings.
- Our preferred code style has been codified into `eslint`.
- Feel free to take a look onto [eslint config](https://github.com/TBD54566975/dwn-server/blob/main/.eslintrc.cjs).
- Running `npm run lint:fix` will auto-format as much they can. Everything they weren't able to will be printed out as errors or warnings.
- We have a pre-commit hook which would run both commands with attempt to autofix problems
- It runs by [husky](https://github.com/TBD54566975/dwn-server/blob/main/.husky/pre-commit) and executes [lint-staged command](https://github.com/TBD54566975/dwn-server/blob/main/package.json#L89)
- Make sure that no errors/warnings are introduced in your PR
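Review bot: The rewritten bullet for `npm run lint:fix` still reads as if two tools were involved ("as much they can", "Everything they weren't able to"), and the unchanged bullet right after it still says the pre-commit hook "would run both commands". Suggest singular wording such as "will auto-fix as much as it can; anything it cannot fix is printed as an error or warning", and updating the hook bullet to name the single command. Please also check that the linked lint-staged entry in package.json no longer invokes prettier, since the link target is outside this hunk.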
Expand All @@ -91,7 +91,6 @@ We take our open-source community seriously. Please adhere to our [Code of Condu
| `npm run clean` | deletes compiled JS |
| `npm run lint` | runs linter |
| `npm run lint:fix` | runs linter and fixes auto-fixable problems |
| `npm run prettier:fix` | runs prettier and fixes auto-fixable problems |
| `npm run test` | runs tests |
| `npm run server` | starts server |
| `npm run prepare` | prepares husky for pre-commit hooks (auto-runs with `npm install`) |
46 changes: 36 additions & 10 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -268,7 +268,6 @@ cloudflared tunnel --url http://localhost:3000
| `npm run clean` | deletes compiled JS |
| `npm run lint` | runs linter |
| `npm run lint:fix` | runs linter and fixes auto-fixable problems |
| `npm run prettier:fix` | runs prettier and fixes auto-fixable problems |
| `npm run test` | runs tests |
| `npm run server` | starts server |
| `npm run prepare` | prepares husky for pre-commit hooks (auto-runs with `npm install`) |
Expand All @@ -277,15 +276,19 @@ cloudflared tunnel --url http://localhost:3000

Configuration can be set using environment variables

| Env Var | Description | Default |
| ------------------------- | -------------------------------------------------------------------------------------- | ---------------------- |
| `DS_PORT` | Port that the server listens on | `3000` |
| `DS_MAX_RECORD_DATA_SIZE` | maximum size for `RecordsWrite` data. use `b`, `kb`, `mb`, `gb` for value | `1gb` |
| `DS_WEBSOCKET_SERVER` | whether to enable listening over `ws:`. values: `on`,`off` | `on` |
| `DWN_STORAGE` | URL to use for storage by default. See [Storage Options](#storage-options) for details | `level://data` |
| `DWN_STORAGE_MESSAGES` | URL to use for storage of messages. | value of `DWN_STORAGE` |
| `DWN_STORAGE_DATA` | URL to use for data storage | value of `DWN_STORAGE` |
| `DWN_STORAGE_EVENTS` | URL to use for event storage | value of `DWN_STORAGE` |
| Env Var | Description | Default |
| ------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------- | ---------------------- |
| `DS_PORT` | Port that the server listens on | `3000` |
| `DS_MAX_RECORD_DATA_SIZE` | Maximum size for `RecordsWrite` data. use `b`, `kb`, `mb`, `gb` for value | `1gb` |
| `DS_WEBSOCKET_SERVER` | Whether to enable listening over `ws:`. values: `on`,`off` | `on` |
| `DWN_REGISTRATION_STORE_URL` | URL to use for storage of registered DIDs | `sqlite://data/dwn.db` |
| `DWN_REGISTRATION_PROOF_OF_WORK_ENABLED` | Require new users to complete a proof-of-work challenge | `false` |
| `DWN_REGISTRATION_PROOF_OF_WORK_INITIAL_MAX_HASH` | Initial maximum allowed hash in 64 char HEX string. The more leading zeros (smaller number) the higher the difficulty. | `false` |
| `DWN_TERMS_OF_SERVICE_FILE_PATH` | Required terms of service agreement if set. Value is path to the terms of service file. | unset |
| `DWN_STORAGE` | URL to use for storage by default. See [Storage Options](#storage-options) for details | `level://data` |
| `DWN_STORAGE_MESSAGES` | URL to use for storage of messages. | value of `DWN_STORAGE` |
| `DWN_STORAGE_DATA` | URL to use for data storage | value of `DWN_STORAGE` |
| `DWN_STORAGE_EVENTS` | URL to use for event storage | value of `DWN_STORAGE` |

### Storage Options

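Review bot: The default for `DWN_REGISTRATION_PROOF_OF_WORK_INITIAL_MAX_HASH` is listed as `false`, which does not fit a value described as a 64 char HEX string and looks copied from the `DWN_REGISTRATION_PROOF_OF_WORK_ENABLED` row above it. Please document the actual initial value, or "unset" together with what the server falls back to, because operators will tune difficulty from this table. `DWN_TERMS_OF_SERVICE_FILE_PATH` is also the only registration setting here without the `DWN_REGISTRATION_` prefix; aligning the name now is cheaper than renaming it after release.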
Expand All @@ -297,3 +300,26 @@ Several storage formats are supported, and may be configured with the `DWN_STORA
| Sqlite | `sqlite://dwn.db` | use three slashes for absolute paths, two for relative. Example shown creates a file `dwn.db` in the current working directory |
| MySQL | `mysql://user:pass@host/db?debug=true&timezone=-0700` | [all URL options documented here](https://github.com/mysqljs/mysql#connection-options) |
| PostgreSQL | `postgres:///dwn` | any options other than the URL scheme (`postgres://`) may also be specified via [standard environment variables](https://node-postgres.com/features/connecting#environment-variables) |

## Registration Requirements

There are multiple optional registration gates, each of which can be enabled (all are disabled by default). Tenants (DIDs) must comply with whatever
requirements are enabled before they are allowed to use the server. Tenants that have not completed the registration requirements will be met with a 401. Note that registration is tracked in a database, and only SQL-based databases are supported (LevelDB is not supported). Current registration
requirements are available at the `/info` endpoint.

- **Proof of Work** (`DWN_REGISTRATION_PROOF_OF_WORK_ENABLED=true`) - new tenants must GET `/registration/proof-of-work` for a challenge, then generate a nonce that produces a string that has a sha256 hex sum starting with the specified (`complexity`) number of zeros (`0`) when added to the end of the challenge (`sha256(challenge + nonce)`). This nonce should be POSTed to `/registration/proof-of-work` with a JSON body including the `challenge`, the nonce in field `response` and `did`. Challenges expire after 5 minutes, and complexity will increase based on the number of successful proof-of-work registrations that have been completed within the last hour. This registration requirement is listed in `/info` as `proof-of-work-sha256-v0`.
- **Terms of Service** (`DWN_TERMS_OF_SERVICE_FILE_PATH=/path/to/terms-of-service.txt`) - new tenants must GET `/registration/terms-of-service` to fetch the terms. These terms must be displayed to the human end-user, who must actively accept them. When the user accepts the terms, send the sha256 hash of the accepted terms and the user's did via POST `/registration/terms-of-service`. The JSON body should have fields `termsOfServiceHash` and `did`. To change the terms, update the file and restart the server. Users that accepted the old terms will be blocked until they accept the new terms. This registration requirement is listed in `/info` as `terms-of-service`.

## Server info

the server exposes information about itself via the `/info` endpoint, which returns data in the following format:

```json
{
"server": "@web5/dwn-server",
"maxFileSize": 1073741824,
"registrationRequirements": ["proof-of-work-sha256-v0", "terms-of-service"],
"version": "0.1.5",
"sdkVersion": "0.2.6"
}
```
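Review bot: The Proof of Work bullet defines difficulty as a `complexity` count of leading zeros in `sha256(challenge + nonce)`, while the configuration table added to this same file defines it as a maximum allowed hash value (`DWN_REGISTRATION_PROOF_OF_WORK_INITIAL_MAX_HASH`). A client written from this paragraph cannot tell which check the server applies, so please describe the one that is enforced and name the fields returned by GET `/registration/proof-of-work`. The bullet should also state what happens when a solved challenge is submitted twice or after the 5 minute expiry, since those are the cases a client has to handle. Minor: "the server exposes" under "Server info" should start with a capital.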